This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Intercept X Sophos Tester Mozilla - WinInet exploit succeeded

Windows 10 64bit

Attack : WinINet
Time : 2017-07-27 10:41:12
Computer: LF-B011
Platform: Windows 10 Pro (64-bit)
Target : Firefox 54.0.1 (firefox.exe)

Initializing ...
Process created (PID 8004)
Target received exploit.
Target executing exploit ...
Executing ...
Wininet functions detoured. Waiting ...
Result: Exploit succeeded

 

Received a message from Sophos telling me that my browser was compromised.



This thread was automatically locked due to age.
Parents
  • For the Sophos Tester we are asking folks post their questions on the Intercept X Early Access Program forum

    The Sophos tester is designed to run on a device without Sophos deployed or one with the Early Access Program endpoint.

    For WinINet tests Intercept X is monitoring the Crypto, Network and presentation dlls of the browser to detect when another application is interfering. This is to detect when we have a potential Man-In-The-Browser attack, commonly used with banking Trojans. 

    In most instances you will get the notification of the detected activity and the end user should terminate the browser session. Intercept X will not automatically terminate the session.

Reply
  • For the Sophos Tester we are asking folks post their questions on the Intercept X Early Access Program forum

    The Sophos tester is designed to run on a device without Sophos deployed or one with the Early Access Program endpoint.

    For WinINet tests Intercept X is monitoring the Crypto, Network and presentation dlls of the browser to detect when another application is interfering. This is to detect when we have a potential Man-In-The-Browser attack, commonly used with banking Trojans. 

    In most instances you will get the notification of the detected activity and the end user should terminate the browser session. Intercept X will not automatically terminate the session.

Children
No Data